Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1276
Views
23
Helpful
9
Replies

NAT

Tien_Huy1995
Level 1
Level 1

‎02-20-2017 08:14 AM - edited ‎03-05-2019 08:04 AM

how to config NAT?

Labels:
0 Helpful
9 Replies 9

Julio E. Moisa
VIP Alumni
VIP Alumni

‎02-20-2017 08:57 AM

Hi

Are you going to configure it on a firewall or router? There are 3 types of NAT:

- Static NAT
- Dynamic NAT
- PAT (Port Address Translation)

Example of static NAT

It is a NAT for one to one. 

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside

interface fa0/1
description PUBLIC-NETWORK
ip nat outside

ip nat inside source static <Private IP> <Public IP>

Example of dynamic NAT

In this type of NAT you can use a pool of public IP addresses to translate the internal networks to them:

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside

interface fa0/1
description PUBLIC-NETWORK
ip nat outside

ip access-list standard PRIVATE-NET
permit 192.168.0.0 255.255.0.0

ip nat pool TESTPOOL 140.X.Y.10 140.X.Y.12 Netmask 255.255.255.0   (this pool include the IP. 10, 11 and 12 only)

IP NAT INSide SOUrce LIst PRIVATE-NETS pool TESTPOOL

Example of a PAT configuration:

This kind of NAT uses an unique source port number translation, instead of IP address translation. Port Numbers are 16-bit binary numbers and we have 65535 port numbers available. This kind of NAT is commonly used because you don't wast public IP addresses, You only need one Public IP. 

Step 1) Configure the interfaces to be inside and outside

interfaces fa0/0
description INTERNAL-NETWORK
ip nat inside


interface fa0/1
description PUBLIC-NETWORK
ip nat outside

Step 2) Match the private subnets that will be translated to public IP

ip access-list standard PRIVATE-NET
permit 192.168.0.0 255.255.0.0

Step 3) Configure the NAT command line to translate the private addresses to a public IP

ip nat inside source list PRIVATE-NET interface fa0/1 overload 

** If you are using your NAT config to reach Internet access, also remember to include a default route pointing to your ISP.  The router where the NAT will be applied must know the subnets that you will translate.

This link could be useful:

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-book/iadnat-addr-consv.html

Please rate the comment if it was useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

paul driver
VIP
VIP
In response to Julio E. Moisa

‎02-20-2017 09:11 AM

Hello

Just like to add you can utilize Domain-less NAT ( NVI NAT) which differs from Domain based nat regards order of operations and route lookups.

Domain Based -  (route lookups performed either before of after nat translation - Subject to default nat order
interface x/x
ip nat inside/outside


Domain-less (NVI) Based - (route lookups performed before AND after nat translation, uses Nat Virtual Interface NVI)

interface x/x
ip nat enable

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Tien_Huy1995
Level 1
Level 1
In response to Julio E. Moisa

‎02-20-2017 04:22 PM

Thanks!

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Tien_Huy1995

‎02-20-2017 05:19 PM

You are welcome 

:-)  

Have a good day!




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Tien_Huy1995
Level 1
Level 1
In response to Julio E. Moisa

‎02-21-2017 07:36 AM

Do u know ebooks to study ccna ?

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Tien_Huy1995

‎02-21-2017 08:13 AM

Hi

I recommend these books:

http://www.ciscopress.com/markets/detail.asp?st=44711

and

First steps for routing and LAN switching

http://www.ciscopress.com/search/index.asp?query=first+step

:-)

Theory and Practice is the key. 

Hope it is useful. 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Tien_Huy1995
Level 1
Level 1
In response to Julio E. Moisa

‎02-23-2017 01:37 AM

do u know web or forum to study ccna,ccnp , these book to much for me 

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to Tien_Huy1995

‎02-23-2017 04:40 AM

Hi my friend,

No worries, you could verify the topics of each certification and investigate them through internet one by one.

http://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-routing-switching.html#~exam

Also you can create discussions through the Cisco Learning community:

https://learningnetwork.cisco.com/welcome

Other option is buy used books.

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Tien_Huy1995
Level 1
Level 1
In response to Julio E. Moisa

‎02-23-2017 05:50 AM

ok ,very helpful :)

0 Helpful
Customers Also Viewed These Support Documents